Data encryption and decryption method and encryption and decryption device

ABSTRACT

An encryption method for data includes acquiring data to be encrypted and user information set relevant to the encryption, sending a key acquisition instruction to a terminal corresponding to the user information, receiving a key returned from the terminal corresponding to the user information, encrypting the data to be encrypted by using the key, and transmitting encrypted data to the terminal corresponding to the user information.

CROSS REFERENCE TO RELATED APPLICATION

This application claims priority to Chinese Application No.201510719751.3, filed Oct. 28, 2015. The entire disclosure of the aboveapplication is incorporated herein by reference.

BACKGROUND 1. Field of the Disclosure

The present disclosure relates to an encryption and decryptiontechnology, more particularly, to a method of encrypting and decryptingdata and an encryption and decryption device.

2. Description of the Related Art

With the development of society, the Internet and the mobile Internethave already become an inseparable part of human life. As the Internetbrings a variety of conveniences and rapidity, the leakage of user'spersonal information has become the focus of attention. In the relatedart, instant chat software or instant communication tools do not encryptthe file contents themselves when the files are transferred. That is,any other person is able to normally open and view the files to obtaintheir contents as long as the files are accessed. In this manner, thesecurity is very poor. If confidential documents need to be transferredthrough real-time chat software, or if computers are hacked, thenvaluable personal information or confidential documents are likely toleak.

Therefore, a relatively severe security problem exists in the relatedart when private documents are used in the Internet by the user thereof.

Accordingly, there is a need to provide a new technical scheme toresolve the above technical problems.

SUMMARY

An objective of the present disclosure is to provide a method ofencrypting and decrypting data and an encryption and decryption deviceto resolve the relatively severe security problem in the related artwhen private documents are used in the Internet by the user thereof.

In order to resolve the above technical problems, the technical schemeprovided by the present disclosure is introduced.

In one aspect, an encryption method for data is provided. The encryptionmethod for data includes the following blocks.

Data to be encrypted and the user information set relevant to theencryption are acquired.

A key acquisition instruction is sent to a terminal corresponding to theuser information based on the user information set relevant to theencryption.

A key returned from the terminal corresponding to the user informationis received.

The data is encrypted by using the key.

Encrypted data is transmitted to the terminal corresponding to the userinformation.

In another aspect, a decryption method for data is provided. Thedecryption method for data includes the following blocks.

Encrypted data and user information set relevant to the encryption areacquired.

A decryption key for the encrypted data is acquired based on therelevant user information.

The encrypted data is decrypted by using the decryption key.

The data is opened if decryption is successful.

In still another aspect, an encryption device for data is provided. Theencryption device includes an acquisition module, an instruction sendingmodule, a key receiving module, an encryption module and a transmissionmodule.

The acquisition module is configured to acquire data to be encrypted anduser information set relevant to the encryption.

The instruction sending module is configured to send a key acquisitioninstruction to a terminal corresponding to the user information based onthe user information set relevant to the encryption.

The key receiving module is configured to receive a key returned fromthe terminal corresponding to the user information.

The encryption module is configured to encrypt the data to be encryptedby using the key.

The transmission module is configured to transmit encrypted data to theterminal corresponding to the user information.

In yet another aspect, a decryption device for data is provided. Thedecryption device for data includes an acquisition module, a decryptionacquiring module, a decryption acquiring module, a decryption module andan opening module.

The acquisition module is configured to acquire encrypted data and setrelevant user information.

The decryption acquiring module is configured to acquire a decryptionkey for the encrypted data based on the relevant user information.

The decryption module is configured to decrypt the encrypted data byusing the decryption key.

The opening module is configured to open the data if decryption issuccessful.

The present disclosure further provides a mobile terminal including theabove encryption device for data.

The present disclosure further provides a mobile terminal including theabove decryption device for data.

As compared with the related art, the method of encrypting anddecrypting data and the encryption and decryption device according tothe present disclosure acquire the encryption key from the relevantuser, encrypt the data through the encryption key, and send theencrypted data to the another terminal. The another terminal acquiresthe decryption key corresponding to the relevant user and decrypts theencrypted data through the decryption key, and only when the decryptionis successful can the data be opened. The present disclosure can ensurethe security of files transmitted over a network, which is convenientand fast and significantly improves the user experience.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a schematic flowchart for implementing an encryptionmethod for data according to a first embodiment of the presentdisclosure.

FIG. 2 illustrates a schematic flowchart for implementing an encryptionmethod for data according to a second embodiment of the presentdisclosure.

FIG. 3 illustrates a schematic flowchart for implementing an encryptionmethod for data according to a third embodiment of the presentdisclosure.

FIG. 4 illustrates a schematic flowchart for implementing a decryptionmethod for data according to a fourth embodiment of the presentdisclosure.

FIG. 5 illustrates a schematic flowchart for implementing a decryptionmethod for data according to a fifth embodiment of the presentdisclosure.

FIG. 6 illustrates a schematic diagram of a structure of an encryptiondevice for data according to a sixth embodiment of the presentdisclosure.

FIG. 7 illustrates a schematic diagram of a structure of an encryptiondevice for data according to a seventh embodiment of the presentdisclosure.

FIG. 8 illustrates a schematic diagram of a structure of an encryptiondevice for data according to an eighth embodiment of the presentdisclosure.

FIG. 9 illustrates a schematic diagram of a structure of a decryptiondevice for data according to a ninth embodiment of the presentdisclosure.

FIG. 10 illustrates a schematic diagram of a structure of a decryptiondevice for data according to a tenth embodiment of the presentdisclosure.

FIG. 11 illustrates a schematic diagram of a structure of a mobileterminal according to an eleventh embodiment of the present disclosure.

DESCRIPTION OF THE EMBODIMENTS

Please refer to the drawings, in which the same components arerepresented by the same component symbols. The principle of the presentdisclosure is illustrated by an application in a suitable computingenvironment. The following description is based on the illustratedspecific embodiment of the present disclosure, which should not beconstrued as limiting other specific embodiments not discussed in detailherein.

While the principle of the present disclosure is being described in theforegoing context, it is not meant to be limiting as those of skill inthe art will appreciate that the various steps and operations describedhereinafter may also be implemented in hardware. The principle of thepresent disclosure is performed by using many other general-purpose orspecific-purpose operations, communications environments, orconfigurations.

The method of encrypting and decrypting data and the encryption anddecryption device according to the present disclosure are mainly appliedto terminal equipment, such as a cell phone, a portable computer, apersonal digital assistant (PDA), etc.

A detailed description is provided in the following.

Embodiment I

A description is provided with reference to FIG. 1. FIG. 1 illustratesan encryption method for data according to an embodiment of the presentdisclosure.

The encryption method for data is applied to terminal equipment. Ingreater detail, the encryption method can begin at block S101.

At block S101, data to be encrypted and user information set relevant tothe encryption are acquired.

According to the present embodiment, acquiring the user information setrelevant to the encryption may include but is not limited to thefollowing: acquiring user information of an another terminal that isset.

At block S102, a key acquisition instruction is sent to a terminalcorresponding to the user information based on the user information setrelevant to the encryption.

According to the present embodiment, the key acquisition instruction issent to the another terminal based on acquired user information of theanother terminal.

At block S103, a key returned from the terminal corresponding to theuser information is received.

According to the present embodiment, the another terminal acquireseyeball information of a user at its end to serve as the key. Theanother terminal returns the acquired eyeball information to a terminalat a sender's end to serve as the key for encrypting the data to beencrypted.

According to the present embodiment, after the block that the keyacquisition instruction is sent to the terminal corresponding to theuser information, the method further includes the following blocks.

It is determined whether the key returned from the terminalcorresponding to the user information is received within a predeterminedtime period.

A data transmission operation is rejected if it is determined that thekey returned from the terminal corresponding to the user information isnot received within the predetermined time period.

Block S104 is executed if it is determined that the key returned fromthe terminal corresponding to the user information is received withinthe predetermined time period.

At block S104, the data to be encrypted is encrypted by using the key.

According to the present embodiment, the data to be encrypted isencrypted by using the eyeball information acquired by the anotherterminal.

At block S105, encrypted data is transmitted to the terminalcorresponding to the user information.

As can be seen from the above, the present embodiment obtains theencryption key through the relevant user, encrypts the data through thekey, and sends the encrypted data to the another terminal. The presentdisclosure can ensure the security of files transmitted over a network,which is convenient and fast and significantly improves the userexperience.

Embodiment II

A description is provided with reference to FIG. 2. FIG. 2 illustratesan encryption method for data according to another embodiment of thepresent disclosure.

The encryption method for data is applied to terminal equipment. Ingreater detail, the encryption method can begin at block S201.

At block S201, data to be encrypted and user information set relevant tothe encryption are acquired.

According to the present embodiment, acquiring the user information setrelevant to the encryption may include but is not limited to thefollowing: acquiring user information of a local terminal and userinformation of another terminal.

At block S202, the user information of the local terminal that is set isacquired.

At block S203, eyeball information of a user of the local terminal isacquired based on the user information of the local terminal.

In greater detail, according to the present embodiment, block S203includes the following blocks.

An eyeball acquisition module of the local terminal turns on based onthe user information of the local terminal. The eyeball information ofthe user of the local terminal is acquired through the eyeballacquisition module.

At block S204, a key acquisition instruction is sent to a terminalcorresponding to the user information based on the user information setrelevant to the encryption.

According to the present embodiment, the key acquisition instruction issent to the another terminal based on the acquired user information ofthe another terminal.

At block S205, a key returned from the terminal corresponding to theuser information is received.

According to the present embodiment, the another terminal acquireseyeball information of a user at its end to serve as the key. Theanother terminal returns the acquired eyeball information to a terminalat a sender's end to serve as the key for encrypting the data to beencrypted.

At block S206, the data to be encrypted is encrypted by using the keyand the eyeball information of the user of the local terminal.

According to the present embodiment, the data is encrypted by using theeyeball information of the user of the local terminal and the eyeballinformation of the user of the another terminal in combination.

At block S207, encrypted data is transmitted to the terminalcorresponding to the user information.

However, block S204 and block S205 may be executed after block 201 isexecuted. Then, block S202 and block S203 are executed.

In at least one embodiment, after the block that the key acquisitioninstruction is sent to the terminal corresponding to the userinformation, the method further includes the following blocks.

It is determined whether the key returned from the terminalcorresponding to the user information is received within a predeterminedtime period.

A data transmission operation is rejected if it is determined that thekey returned from the terminal corresponding to the user information isnot received within the predetermined time period.

Block S206 is executed if it is determined that the key returned fromthe terminal corresponding to the user information is received withinthe predetermined time period.

As can be seen from the above, the present embodiment obtains theencryption key through acquiring the eyeball information of the localterminal and the another terminal, combines the eyeball information ofthe local terminal and the another terminal to encrypt data, andtransmits the encrypted data to the another terminal. The presentdisclosure can ensure the security of files transmitted over a network,which is convenient and fast and significantly improves the userexperience.

Embodiment III

A description is provided with reference to FIG. 3. FIG. 3 illustratesan encryption method for data according to still another embodiment ofthe present disclosure.

The encryption method for data is applied to terminal equipment. Ingreater detail, the encryption method can be begin at block S301.

At block S301, data to be encrypted and user information set relevant tothe encryption are acquired.

According to the present embodiment, acquiring the user information setrelevant to the encryption may include but is not limited to thefollowing: acquiring user information of a local terminal and userinformation of another terminal.

At block S302, the user information of the local terminal that is set isacquired.

At block S303, image information corresponding to the user informationat the local terminal is acquired based on the user information of thelocal terminal that is set.

At block S304, a key acquisition instruction is sent to a terminalcorresponding to the user information based on the user information setrelevant to the encryption.

According to the present embodiment, the key acquisition instruction issent to the another terminal based on the acquired user information ofthe another terminal.

At block S305, a key returned from the terminal corresponding to theuser information is received.

According to the present embodiment, the another terminal acquireseyeball information of a user at its end to serve as the key. Theanother terminal returns the acquired eyeball information to a terminalat a sender's end to serve as the key for encrypting the data to beencrypted.

At block S306, the data to be encrypted is encrypted by using the keyand the image information of a user of the local terminal.

According to the present embodiment, the data to be encrypted isencrypted by using the eyeball information of the user of the anotherterminal and the image information of the user of the local terminal incombination.

At block S307, encrypted data is transmitted to the terminalcorresponding to the user information.

However, block S304 and block S305 may be executed after block 301 isexecuted. Then, block S302 and block S303 are executed.

In at least one embodiment, after the block that the key acquisitioninstruction is sent to the terminal corresponding to the userinformation, the method further includes the following blocks.

It is determined whether the key returned from the terminalcorresponding to the user information is received within a predeterminedtime period.

A data transmission operation is rejected if it is determined that thekey returned from the terminal corresponding to the user information isnot received within the predetermined time period.

Block S306 is executed if it is determined that the key returned fromthe terminal corresponding to the user information is received withinthe predetermined time period.

As can be seen from the above, the present embodiment obtains theencryption key through acquiring the image information of user of thelocal terminal and the eyeball information of the another terminal,combines the image information of the user of the local terminal and theeyeball information of the another terminal to encrypt data, andtransmits the encrypted data to the another terminal. The presentdisclosure can ensure the security of files transmitted over a network,which is convenient and fast and significantly improves the userexperience.

Embodiment IV

A description is provided with reference to FIG. 4. FIG. 4 illustrates adecryption method for data according to an embodiment of the presentdisclosure.

The decryption method for data is applied to terminal equipment. Ingreater detail, the decryption method can be begin at block S401.

At block S401, encrypted data and relevant user information that is setare acquired.

According to the present embodiment, acquiring the relevant userinformation that is set may include but is not limited to the following:acquiring user information of a local terminal.

At block S402, a decryption key for the encrypted data is acquired basedon the relevant user information.

In greater detail, according to the present embodiment, block S402includes the following blocks.

An eyeball acquisition module of the local terminal turns on based onthe user information of the local terminal, acquiring the eyeballinformation of a user of the local terminal through the eyeballacquisition module to serve as the decryption key.

At block S403, the encrypted data decrypted by using the decryption key.

According to the present embodiment, the encrypted data is decrypted byusing the acquired eyeball information of the user of the localterminal.

In at least one embodiment, after block S403 the method further includesthe following blocks.

It is determined whether a number of times that decryption fails exceedsa preset threshold value within a predetermined time period.

The encrypted data is deleted if the number of times that decryptionfails exceeds the preset threshold value.

At block S404, the data is opened if decryption is successful.

As can be seen from the above, in the present embodiment an anotherterminal obtains the decryption key corresponding to a relevant user,decrypts the encrypted data through the decryption key, and the data isopened if the decryption is successful and the data is deleted if thedecryption fails. The present disclosure can ensure the security offiles transmitted over a network, which is convenient and fast andsignificantly improves the user experience.

Embodiment V

A description is provided with reference to FIG. 5. FIG. 5 illustrates adecryption method for data according to another embodiment of thepresent disclosure.

The decryption method for data is applied to terminal equipment. Ingreater detail, the decryption method includes the following blocks.

At block S501, encrypted data and relevant user information that is setare acquired.

According to the present embodiment, acquiring the relevant userinformation that is set may include but is not limited to the following:acquiring user information of a local terminal and user information of aterminal at a sender's terminal.

At block S502, a video window of the local terminal enables when theuser information of the terminal at the sender's end is acquired.Eyeball information of a user of the terminal at the sender's end iscollected through the video window.

At block S503, an eyeball acquisition module of the local terminal turnson when the user information of the local terminal is acquired. Eyeballinformation of a user of the local terminal is collected through theeyeball acquisition module.

At block S504, the encrypted data is decrypted by using the acquiredeyeball information of the user of the local terminal and eyeballinformation of the user of the terminal at the sender's end.

In at least one embodiment, after block S504 the method further includesthe following blocks.

It is determined whether a number of times that decryption fails exceedsa preset threshold value within a predetermined time period.

The encrypted data is deleted if the number of times that decryptionfails exceeds the preset threshold value.

At block S505, the data is opened if decryption is successful.

However, block S502 may be executed after block S503 is executed.

As can be seen from the above, in the present embodiment an anotherterminal obtains the decryption key through acquiring the eyeballinformation of the user of the local terminal and the eyeballinformation of the user of another terminal, decrypts the encrypted datathrough the decryption key, and the data is opened if the decryption issuccessful and the data is deleted if the decryption fails. The presentdisclosure can ensure the security of files transmitted over a network,which is convenient and fast and significantly improves the userexperience.

Embodiment VI

A description is provided with reference to FIG. 6. FIG. 6 illustrates aschematic diagram of a structure of an encryption device for dataaccording to a sixth embodiment of the present disclosure. In order tofacilitate illustration, only portions relevant to the presentembodiment are shown. The encryption device includes an acquisitionmodule 101, an instruction sending module 102, a key receiving module103, an encryption module 104, and a transmission module 105. Theencryption device may be incorporated in a software unit, a hardwareunit, or a unit in which software and hardware are combined in aterminal.

The acquisition module 101 is configured to acquire data to be encryptedand user information set relevant to the encryption.

The instruction sending module 102 is configured to send a keyacquisition instruction to a terminal corresponding to the userinformation based on the user information set relevant to theencryption.

The key receiving module 103 is configured to receive a key returnedfrom the terminal corresponding to the user information.

The encryption module 104 is configured to encrypt the data to beencrypted by using the key.

The transmission module 105 is configured to transmit encrypted data tothe terminal corresponding to the user information.

In at least one embodiment, the encryption device further includes ajudge module and a rejection module.

The judge module is configured to determine whether the key returnedfrom the terminal corresponding to the user information is receivedwithin a predetermined time period.

The rejection module is configure to reject a data transmissionoperation if the judge module determines that the key returned from theterminal corresponding to the user information is not received withinthe predetermined time period.

In greater detail, the encryption module 104 is configured to encryptthe data to be encrypted by using the key if the judge module determinesthat the key returned from the terminal corresponding to the userinformation is received within the predetermined time period.

Embodiment VII

A description is provided with reference to FIG. 7. FIG. 7 illustrates aschematic diagram of a structure of an encryption device for dataaccording to a seventh embodiment of the present disclosure. In order tofacilitate illustration, only portions relevant to the presentembodiment are shown. The encryption device includes: an acquisitionmodule 201, an information acquisition module 202, an eyeballacquisition module 203, an instruction sending module 204, a keyreceiving module 205, an encryption module 206, and a transmissionmodule 207. The encryption device may be incorporated in a softwareunit, a hardware unit, or a unit in which software and hardware arecombined in a terminal.

The acquisition module 201 is configured to acquire data to be encryptedand user information set relevant to the encryption.

The information acquisition module 202 is configured to acquire userinformation of a local terminal that is set.

The eyeball acquisition module 203 is configured acquire eyeballinformation of a user of the local terminal based on the userinformation of the local terminal.

The instruction sending module 204 is configured to send a keyacquisition instruction to a terminal corresponding to the userinformation based on the user information set relevant to theencryption.

The key receiving module 205 is configured to receive a key returnedfrom the terminal corresponding to the user information.

In greater detail, the encryption module 206 is configured to encryptthe data to be encrypted by using the key and the eyeball information ofthe user of the local terminal.

The transmission module 207 is configured to transmit encrypted data tothe terminal corresponding to the user information.

According to the present embodiment, in greater detail, the eyeballacquisition module 203 includes: a turning-on module and an eyeballcollection module.

The turning-on module is configured to turn on the eyeball collectionmodule of the local terminal based on the user information of the localterminal.

The eyeball collection module is configured to collect the eyeballinformation of the user of the local terminal

In at least one embodiment, the encryption device further includes ajudge module and a rejection module.

The judge module is configured to determine whether the key returnedfrom the terminal corresponding to the user information is receivedwithin a predetermined time period.

The rejection module is configure to reject a data transmissionoperation if the judge module determines that the key returned from theterminal corresponding to the user information is not received withinthe predetermined time period.

In greater detail, the encryption module 206 is configured to encryptthe data to be encrypted by using the key and the eyeball information ofthe user of the local terminal if the judge module determines that thekey returned from the terminal corresponding to the user information isreceived within the predetermined time period.

Embodiment VIII

A description is provided with reference to FIG. 8. FIG. 8 illustrates aschematic diagram of a structure of an encryption device for dataaccording to an embodiment of the present disclosure. In order tofacilitate illustration, only portions relevant to the presentembodiment are shown. The encryption device includes: an acquisitionmodule 301, a user information acquisition module 302, an imageacquisition module 303, an instruction sending module 304, a keyreceiving module 305, an encryption module 306, and a transmissionmodule 307. The encryption device may be incorporated in a softwareunit, a hardware unit, or a unit in which software and hardware arecombined in a terminal.

The acquisition module 301 is configured to acquire data to be encryptedand user information set relevant to the encryption t.

The user information acquisition module 302 is configured to acquireuser information of a local terminal that is set.

The image acquisition module 303 is configured to acquire imageinformation corresponding to the user information at the local terminalbased on the user information of the local terminal that is set.

The instruction sending module 304 is configured to send a keyacquisition instruction to a terminal corresponding to the userinformation based on the user information set relevant to theencryption.

The key receiving module 305 is configured to receive a key returnedfrom the terminal corresponding to the user information.

In greater detail, the encryption module 306 is configured to encryptthe data to be encrypted by using the key and the image information ofthe user of the local terminal.

The transmission module 307 is configured to transmit encrypted data tothe terminal corresponding to the user information.

In at least one embodiment, the encryption device further includes: ajudge module and a rejection module.

The judge module is configured to determine whether the key returnedfrom the terminal corresponding to the user information is receivedwithin a predetermined time period.

The rejection module is configure to reject a data transmissionoperation if the judge module determines that the key returned from theterminal corresponding to the user information is not received withinthe predetermined time period.

In greater detail, the encryption module 306 is configured to encryptthe data to be encrypted by using the key and the image information ofthe user of the local terminal if the judge module determines that thekey returned from the terminal corresponding to the user information isreceived within the predetermined time period.

Embodiment IX

A description is provided with reference to FIG. 9. FIG. 9 illustrates aschematic diagram of a structure of a decryption device for dataaccording to a ninth embodiment of the present disclosure. In order tofacilitate illustration, only portions relevant to the presentembodiment are shown. The decryption device includes: an acquisitionmodule 401, a decryption acquiring module 402, a decryption module 403,and an opening module 404. The decryption device may be incorporated ina software unit, a hardware unit, or a unit in which software andhardware are combined in a terminal.

The acquisition module 401 is configured to acquire encrypted data andrelevant user information that is set.

The decryption acquiring module 402 is configured to acquire adecryption key for the encrypted data based on the relevant userinformation.

The decryption module 403 is configured to decrypt the encrypted data byusing the decryption key.

The opening module 404 is configured to open the data if decryption issuccessful.

According to the present embodiment, when the relevant user informationis user information of a local terminal, the decryption acquiring module402 specifically includes: a turning-on module and an eyeballacquisition module.

The turning-on module is configured to turn on the eyeball acquisitionmodule of the local terminal based on the user information of the localterminal.

The eyeball acquisition module is configured to acquire eyeballinformation of a user of the local terminal.

In greater detail, the decryption module 403 is configured to decryptthe encrypted data by using the acquired eyeball information of the userof the local terminal.

In at least one embodiment, the decryption device further includes atime judge module and a data deletion module.

The time judge module is configured to determine whether a number oftimes that decryption fails exceeds a preset threshold value within apredetermined time period.

The data deletion module is configured to delete the encrypted data ifthe time judge module determines that the number of times thatdecryption fails exceeds the preset threshold value.

Embodiment X

A description is provided with reference to FIG. 10. FIG. 10 illustratesa schematic diagram of a structure of a decryption device according toan embodiment of the present disclosure. In order to facilitateillustration, only portions relevant to the present embodiment areshown. The decryption device includes: an acquisition module 501, aturning-on module 502, an eyeball acquisition module 503, a video windowopening module 504, a video window acquisition module 505, a decryptionmodule 506, and an opening module 507. The decryption device may beincorporated in a software unit, a hardware unit, or a unit in whichsoftware and hardware are combined in a terminal.

The acquisition module 501 is configured to acquire encrypted data andrelevant user information that is set.

The turning-on module 502 is configured to turn on the eyeballacquisition module 503 of a local terminal when the relevant userinformation is user information of the local terminal.

The eyeball acquisition module 503 is configured to acquire eyeballinformation of a user of the local terminal.

The video window opening module 504 is configured to open a video windowof the local terminal when the relevant user information is userinformation of a terminal at a sender's end.

The video window acquisition module 505 is configured to acquire eyeballinformation of a user of the terminal at the sender's end through thevideo window.

In greater detail, the decryption module 506 is configured to decryptthe encrypted data by using the acquired eyeball information of the userof the local terminal and eyeball information of the user of theterminal at the sender's end.

The opening module 507 is configured to open the data if decryption issuccessful.

In at least one embodiment, the decryption device further includes atime judge module and a data deletion module.

The time judge module is configured to determine whether a number oftimes that decryption fails exceeds a preset threshold value within apredetermined time period.

The data deletion module is configured to delete the encrypted data ifthe time judge module determines that the number of times thatdecryption fails exceeds the preset threshold value.

In summary, the method of encrypting and decrypting data and theencryption and decryption device according to the present disclosureacquire the encryption key from the relevant user, encrypt the datathrough the encryption key, and send the encrypted data to the anotherterminal. The another terminal acquires the decryption key correspondingto the relevant user and decrypts the encrypted data through thedecryption key, and only when the decryption is successful can the databe opened. The present disclosure can ensure the security of filestransmitted over a network, which is convenient and fast andsignificantly improves the user experience.

The method of encrypting and decrypting data and the encryption anddecryption device according to the present embodiments belong to thesame concept. The detailed implementation processes are described indetail in the specification, and a description in this regard is notprovided.

Embodiment XI

FIG. 11 illustrates a block diagram of a structure of a mobile terminalaccording to an eleventh embodiment of the present disclosure. Themobile terminal may be configured to implement the method of encryptingand decrypting data and the encryption and decryption device accordingto the previous embodiments. A mobile terminal 1200 may be a smartphoneor a tablet computer.

As shown in FIG. 11, the mobile terminal 1200 may include components,such as a radio frequency (RF) circuit 110, a memory 120 including oneor more than one (only one is shown in the figure) computer readablestorage media, an input unit 130, a display unit 140, at least onesensor 150, an audio frequency circuit 160, a transmission module 170, aprocessor 180 including one or more than one (only one is shown in thefigure) processing cores, and a power supply 190, etc. Those skilled inthe art would understand that the mobile terminal 1200 is not limited tothe structure of the mobile terminal 1200 shown in FIG. 11, which mayinclude more or fewer components than illustrated, or combine certaincomponents, or have different component configurations.

The RF circuit is configured to receive and send electromagnetic wavesto realize conversion between electromagnetic waves and electricalsignals so as to communicate with a communication network or some otherdevices. The RF circuit 110 may include various circuit componentsconfigured to perform these functions in the related art, such as anantenna, a radio frequency transceiver, a digital signal processor, anencryption/decryption chip, a subscriber identity module (SIM) card, amemory, and the like. The RF circuit 110 may communicate with variousnetworks, such as the Internet, an intranet, a wireless network, orcommunicate with some other devices over a wireless network. Thewireless network may include a cellular telephone network, a wirelesslocal area network or a metropolitan area network. The above wirelessnetworks may use various communication standards, protocols andtechnologies, which include but are not limited to Global System forMobile Communication (GSM), Enhanced Data GSM Environment (EDGE),Wideband Code Division Multiple Access (WCDMA), Code Division Access(CDMA), Time Division Multiple Access (TDMA), Wireless Fidelity (Wi-Fi,IEEE 802.11a, IEEE 802.11b, IEEE 802.11g and IEEE 802.11n), Voice overInternet Protocol (VoIP), Worldwide Interoperability for MicrowaveAccess (Wi-Max), other protocols used for emails, instant messaging andshort messaging, and any other suitable communication protocols, eventhose protocols that have not yet been developed at present.

The memory 120 may be configured to store software programs and modules,such as program instructions/modules corresponding to the method ofencrypting and decrypting data and the encryption and decryption deviceaccording to the previous embodiments. The processor 180 executesvarious functional applications and data processing, that is, implementsthe method of encrypting and decrypting data and the encryption anddecryption functions through running the software programs and modulesstored in the memory 120. The memory 120 may include a high speed randomaccess memory, and may further include a nonvolatile memory, such as oneor more magnetic storage elements, a flash memory, or some othernonvolatile solid-state memory. In some embodiments, the memory 120 mayfurther include memories that are remotely disposed from the processor180. These remote memories may be connected to the mobile terminal 1200through a network. Examples of the network includes but is not limitedto the Internet, an intranet, a local area network, a mobilecommunication network, and combinations thereof.

The input unit 130 may be configured to receive input digitalinformation or character information, and generate a keyboard, mouse,joystick, optical or trackball signal input related to user settings andfunction control. In greater detail, the input unit 130 may include atouch-sensitive surface 131 and some other input apparatus 132. Thetouch-sensitive surface 131 is also called a touch screen or a touchpad, which can collect a touch operation by a user on or near it (forexample, the user uses any suitable object or attachment, such as afinger, a stylus pen, and the like, to operate on or near thetouch-sensitive surface 131), and drives a connection meanscorrespondingly according to a predetermined program. Optionally, thetouch-sensitive surface 131 may include two parts, that is, a touchdetector and a touch controller. The touch detector detects a touchposition of the user and detects a signal caused by the touch operationto transmit the signal to the touch controller. The touch controllerreceives touch information from the touch detector and converts it intotouch coordinates and then sends them to the processor 180, and canreceive commands from the processor 180 to execute. In addition, thetouch-sensitive surface 131 may be realized by using various types oftouch-sensitive surfaces, such as a resistive type, a capacitive type,an infrared type, and a surface acoustic wave type. In addition to thetouch-sensitive surface 131, the input unit 130 may further includeanother input device 132. In greater detail, the another input device132 may include but not limited to one or more of a physical keyboard,function keys (such as a volume control key, a switch key, etc.), atrackball, a mouse, a joystick, and the like.

The display unit 140 may be configured to display information input bythe user or information provided to the user and various graphical userinterfaces of the mobile terminal 1200. These graphical user interfacesmay be constituted by a graph, text, an icon, video, or any combinationthereof. The display unit 140 may include a display panel 141.Optionally, the display panel 141 may be configured by using a liquidcrystal display (LCD), an organic light-emitting diode (OLED), etc.Furthermore, the touch-sensitive surface 131 may cover the display panel141. After the touch-sensitive surface 131 detects the touch operationon or near it, the touch operation is sent to the processor 180 todetermine the type of touch event, and then the processor 180 provides avisual output on the display panel 141 correspondingly based on the typeof touch event. Although the touch-sensitive surface 131 and the displaypanel 141 are implemented as two separate components in FIG. 11 toachieve the input and output functions, however, in some embodiments thetouch-sensitive surface 131 may be integrated with the display panel 141to achieve the input and output functions.

The mobile terminal 1200 may further include the at least one sensor150, such as a light sensor, a motion sensor, and some other sensor. Ingreater detail, the light sensor may include an ambient light sensor anda proximity sensor. The ambient light sensor can adjust brightness ofthe display panel 141 based on the ambient light, and the proximitysensor can turn off the display panel 141 and/or backlight when themobile terminal 1200 is moved to the ear. As one kind of motion sensor,a gravitational acceleration sensor can detect magnitudes ofacceleration in various directions (usually three axes). When the mobileterminal 1200 is at rest, the gravitational acceleration sensor candetect a magnitude and direction of the gravity force. The gravitationalacceleration sensor can be applied to identifying a mobile phone gesture(such as horizontal and vertical screen switching, related games,magnetometer attitude calibration), vibration recognition relatedfunctions (such as functions of a pedometer, tapping), etc. As for themobile terminal 1200, other sensors, such as a gyroscope, a barometer, ahygrometer, a thermometer, an infrared sensor, etc., may be disposed init, and a description in this regard is not provided.

The audio frequency circuit 160, a speaker 161, and a microphone 162 mayprovide an audio interface between the user and the mobile terminal1200. The audio frequency circuit 160 can transmit an electrical signalthat is converted from received audio data to the speaker 161, and theelectrical signal is converted into an audio signal by the speaker 161to output. In addition, the speaker 162 converts the collected audiosignal into an electrical signal. The electrical signal is received bythe audio frequency circuit 160 and converted into audio data. Then,after the audio data is output to the processor 180 and processed, theaudio data is sent to, for example, another terminal through the RFcircuit 110, or the audio data is output to the memory 120 for furtherprocessing. The audio frequency circuit 160 may further include aheadphone jack to provide communication between a peripheral headset andthe mobile terminal 1200.

The mobile terminal 1200 can help the user send and receive emails,browse web pages and access streaming media, etc., through thetransmission module 170 (such as a Wi-Fi module), which provides awireless broadband Internet access for the user. Although in FIG. 13 thetransmission module 170 is shown, it can be understood that thetransmission module 170 is not a necessary constituent of the mobileterminal 1200 and may be omitted depending on needs without departingfrom the spirit of the present disclosure.

The processor 180 is a control center of the mobile terminal 1200. Theprocessor 180 utilizes various interfaces and lines to connect differentparts of the cell phone, and runs or executes the software programsand/or modules stored in the memory 120 and calls the data stored in thememory 120 to perform various functions of the mobile terminal 1200 andprocess data so as to perform overall monitoring of the cell phone.Optionally, the processor 180 may include one or more processing cores.In at least one embodiment, the processor 180 may integrate anapplication processor and a modem processor. The application processoris mainly responsible for processing the operating system, userinterfaces and application programs, etc. The modem processor mainlyhandles wireless communications. The modem processor may not beintegrated into the processor 180.

The mobile terminal 1200 further includes the power supply 190 (such asa battery) that supplies power to various components. In at least oneembodiment, the power supply 190 may be logically connected to theprocessor 180 through a power management system to manage functions,such as charging, discharging, and power management, through the powermanagement system. The power supply 190 may further include one or morethan one components, such as a DC or AC power supply, a rechargingsystem, a power failure detection circuit, a power converter or aninverter, a power status indicator, and the like.

Although not shown, the mobile terminal 1200 may further include acamera, a Bluetooth module, or the like, and a description in thisregard is not provided. In greater detail, the display unit 140 of themobile terminal 1200 is a touch display according to the presentembodiment. The mobile terminal includes one or more processors, amemory and one or more program instructions stored in the memory. Theone or more program instructions executed by the one or more processorsto perform the following operations.

Data to be encrypted and user information set relevant to the encryptionare acquired.

A key acquisition instruction is sent to a terminal corresponding to theuser information based on the user information set relevant to theencryption.

A key returned from the terminal corresponding to the user informationis received.

The data to be encrypted is encrypted by using the key.

Encrypted data is transmitted to the terminal corresponding to the userinformation.

Encrypted data and relevant user information that is set are acquired.

A decryption key for the encrypted data is acquired based on therelevant user information.

The encrypted data is decrypted by using the decryption key.

The data is opened if decryption is successful.

The mobile terminal according to the present embodiment may be appliedto the previous method embodiments correspondingly. A detaileddescription may be referred to the description of the previousembodiments, and a description in this regard is not provided.

All or part of the procedure introduced in the aforementioned embodimentmay be completed in related hardware commanded by a computer program,which may be easily understood by one of ordinary skill in the art. Theprogram may be stored in a computer-readable storage medium. Thecomputer-readable storage medium may be a read-only memory (ROM), arandom access memory (RAM), a disc, an optical disc, and so on.

The present disclosure is described in detail in accordance with theabove contents with the specific preferred examples. However, thispresent disclosure is not limited to the specific examples. For theordinary technical personnel of the technical field of the presentdisclosure, on the premise of keeping the conception of the presentdisclosure, the technical personnel can also make simple deductions orreplacements, and all of which should be considered to belong to theprotection scope of the present disclosure.

1. An encryption method for data comprising: acquiring data to beencrypted and user information set relevant to the encryption; sending akey acquisition instruction to a terminal corresponding to the userinformation based on the user information set relevant to theencryption; receiving a key returned from the terminal corresponding tothe user information; encrypting the data to be encrypted by using thekey; and transmitting encrypted data to the terminal corresponding tothe user information.
 2. The encryption method as claimed in claim 1,wherein after the step of acquiring the data to be encrypted and theuser information set relevant to the encryption, the encryption methodfurther comprises: acquiring user information of a local terminal thatis set; acquiring eyeball information of a user of the local terminalbased on the user information of the local terminal; the step ofencrypting the data to be encrypted by using the key comprising: usingthe key and the eyeball information of the user of the local terminal toencrypt the data to be encrypted.
 3. The encryption method as claimed inclaim 1, wherein after the step of sending the key acquisitioninstruction to the terminal corresponding to the user information, theencryption method further comprises: determining whether the keyreturned from the terminal corresponding to the user information isreceived within a predetermined time period; rejecting a datatransmission operation if it is determined that the key returned fromthe terminal corresponding to the user information is not receivedwithin the predetermined time period; executing the step of encryptingthe data to be encrypted by using the key if it is determined that thekey returned from the terminal corresponding to the user information isreceived within the predetermined time period.
 4. The encryption methodas claimed in claim 1, wherein after the step of acquiring the data tobe encrypted and the user information set relevant to the encryption,the encryption method further comprises: acquiring user information of alocal terminal that is set; acquiring image information corresponding tothe user information at the local terminal based on the user informationof the local terminal that is set; the step of encrypting the data to beencrypted by using the key comprising: using the key and the imageinformation of the user of the local terminal to encrypt the data to beencrypted.
 5. The encryption method as claimed in claim 2, wherein thestep of acquiring the eyeball information of the user of the localterminal based on the user information of the local terminal comprises:turning on an eyeball acquisition module of the local terminal based onthe user information of the local terminal; acquiring the eyeballinformation of a user of the local terminal through the eyeballacquisition module.
 6. A decryption method for data comprising:acquiring encrypted data and relevant user information that is set;acquiring a decryption key for the encrypted data based on the relevantuser information; decrypting the encrypted data by using the decryptionkey; and opening the data if decryption is successful.
 7. The decryptionmethod as claimed in claim 6, wherein when the relevant user informationis user information of a local terminal, the step of acquiring thedecryption key for the encrypted data comprises: turning on an eyeballacquisition module of the local terminal based on the user informationof the local terminal; acquiring eyeball information of a user of thelocal terminal through the eyeball acquisition module; the step ofdecrypting the encrypted data by using the decryption key comprising:using the acquired eyeball information of the user of the local terminalto decrypt the encrypted data.
 8. The decryption method as claimed inclaim 7, wherein when the relevant user information further comprisesuser information at a sender's end, the decryption method for datafurther comprises: opening a video window of the local terminal;acquiring eyeball information of a user of a terminal at the sender'send through the video window; the step of decrypting the encrypted databy using the decryption key comprising: using the acquired eyeballinformation of the user of the local terminal and the eyeballinformation of the user of the terminal at the sender's end to decryptthe encrypted data.
 9. The decryption method as claimed in claim 7,wherein after the step of decrypting the encrypted data by using thedecryption key, the decryption method further comprises: determiningwhether a number of times that decryption fails exceeds a presetthreshold value within a predetermined time period; deleting theencrypted data if the number of times that decryption fails exceeds thepreset threshold value.
 10. An encryption device for data comprising: aprocessor; and a memory connected with the processor, the memorycomprising a plurality of program instructions executable by theprocessor, the plurality of program instructions comprising: anacquisition module configured to cause the processor to acquire data tobe encrypted and user information set relevant to the encryption; aninstruction sending module configured to cause the processor to send akey acquisition instruction to a terminal corresponding to the userinformation based on the user information set relevant to theencryption; a key receiving module configured to cause the processor toreceive a key returned from the terminal corresponding to the userinformation; an encryption module configured to cause the processor toencrypt the data to be encrypted by using the key; and a transmissionmodule configured to cause the processor to transmit encrypted data tothe terminal corresponding to the user information.
 11. The encryptiondevice as claimed in claim 10, wherein the plurality of programinstructions further comprise: an information acquisition moduleconfigured to cause the processor to acquire user information of a localterminal that is set; an eyeball acquisition module configured to causethe processor to acquire eyeball information of a user of the localterminal based on the user information of the local terminal; whereinthe encryption module is further configured to cause the processor toencrypt the data to be encrypted by using the key and the eyeballinformation of the user of the local terminal.
 12. The encryption deviceas claimed in claim 10, wherein the plurality of program instructionsfurther comprise: a judge module configured to cause the processor todetermine whether the key returned from the terminal corresponding tothe user information is received within a predetermined time period; arejection module configure to cause the processor to reject a datatransmission operation if the judge module determines that the keyreturned from the terminal corresponding to the user information is notreceived within the predetermined time period; wherein the encryptionmodule is further configured to cause the processor to encrypt the datato be encrypted by using the key if the judge module determines that thekey returned from the terminal corresponding to the user information isreceived within the predetermined time period.
 13. The encryption deviceas claimed in claim 10, wherein the plurality of program instructionsfurther comprise: a user information acquisition module configured tocause the processor to acquire user information of a local terminal thatis set; an image acquisition module configured to cause the processor toacquire image information corresponding to the user information at thelocal terminal based on the user information of the local terminal thatis set; wherein the encryption module is further configured to cause theprocessor to encrypt the data to be encrypted by using the key and theimage information of a user of the local terminal.
 14. The encryptiondevice as claimed in claim 11, wherein the eyeball acquisition modulecomprises: a turning-on module configured to cause the processor to turnon an eyeball collection module of the local terminal based on the userinformation of the local terminal; the eyeball collection moduleconfigured to cause the processor to collect the eyeball information ofthe user of the local terminal. 15-20. (canceled)